General

  • Target

    59e3813b05edcb779baa462791f1a3383498bd0a6bc95993e6bd0c8e4ce0e059

  • Size

    377KB

  • Sample

    221117-vmdtfsfa62

  • MD5

    2d5ed2b25105753b8dfbc68e38718f2d

  • SHA1

    7c1160e74747648485a2e3af179d060d7c4a33c4

  • SHA256

    59e3813b05edcb779baa462791f1a3383498bd0a6bc95993e6bd0c8e4ce0e059

  • SHA512

    ed4ce41c0064484c689e1276bf2fc921425505e3792fc8fc5b3c73a26be04c7c932571f63a1d39359461adca3f66dc9817c1a6800d6984a1a7b08eb34bd6c308

  • SSDEEP

    6144:kmNegonFhyT43MVrbAMTJE2L3RohJF3bmNegonFhyT43MVrbAMTJE2LLRohJF:kuxonFgE38NtoHdbuxonFgE38NBoH

Malware Config

Extracted

Family

icedid

Botnet

1139942657

C2

newscommercde.com

spkdeutshnewsupp.com

germanysupportspk.com

nrwmarkettoys.com

Attributes
  • auth_var

    2

  • url_path

    /news/

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.
